Cyber Outlook Rundown 2/3/23

Cybersecurity News

A Cybersecurity briefing on noteworthy Cyber Attacks, Vulnerabilities, and InfoSec news.

Noteworthy Cyber Attacks Reported

1. A data breach involving Vice Media leaked the sensitive information and financial data of more than 1,700 people, according to filings with Maine’s Attorney General. In two separate filings on January 26 and 31, Vice Media said it was alerted in March 2022 that there was a cyberattack on its network. https://therecord.media/data-breach-at-vice-media-involved-ssns-financial-info/

2. Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks. https://www.bleepingcomputer.com/news/security/google-fi-data-breach-let-hackers-carry-out-sim-swap-attacks/

3. The LockBit ransomware gang has claimed responsibility for the cyberattack on ION Group, a UK-based software company whose products are used by financial institutions, banks, and corporations for trading, investment management, and market analytics. https://www.bleepingcomputer.com/news/security/ransomware-attack-on-ion-group-impacts-derivatives-trading-market/

Noteworthy Vulnerabilities / Threats Discovered

1. GoAnywhere MFT, a popular file transfer application, is warning about a zero-day remote code injection exploit. The company said it has temporarily implemented a service outage in response. https://infosec.exchange/@briankrebs/109795710941843934

2. Malwarebytes has recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system. Now, their researchers found that the malvertising campaigns via Google Ads are not just about software downloads and scams. They also include a much more direct way to get at your login credentials by phishing for users of popular password managers such as 1Password. https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager

3. Cybercriminals are targeting human-operated customer service executives in online gaming and gambling firms with an unseen backdoor. This backdoor, named IceBreaker, is active since September 2022. https://www.securityjoes.com/post/operation-ice-breaker-targets-the-gam-bl-ing-industry-right-before-it-s-biggest-gathering

Noteworthy InfoSec News

1. Last year was the worst on record for cryptocurrency heists, with hackers stealing as much as $3.8 billion, led by attackers linked to North Korea who netted more than ever before, a U.S.-based blockchain analytics firm said in a report on Wednesday. https://www.reuters.com/technology/crypto-hacks-stole-record-38-billion-2022-led-by-north-korea-groups-report-2023-02-01

2. Can we expect the popular artificial intelligence chatbot ChatGPT to be used against our organizations in the form of AI-infused cyberattacks in the next 12 to 24 months? The answer is a resounding yes, according to new research conducted by BlackBerry. This is just one of several insights from a January 2023 survey of 1,500 IT and cybersecurity decision-makers across North America, Australia, and the UK. The research reveals that worries about ChatGPT expressed on social media platforms are widespread among those managing our technology and cyber defenses. https://blogs.blackberry.com/en/2023/02/it-leaders-predict-chatgpt-enabled-cyberattacks-are-imminent

3. BlackBerry released their first Cybersecurity Global Threat Intelligence Report. The mission of this report is to provide actionable intelligence on targeted attacks, cybercrime-motivated threat actors, and campaigns targeting organizations like yours so that you can make well-informed decisions and take prompt effective actions. https://www.blackberry.com/us/en/solutions/threat-intelligence/2023/threat-intelligence-report-jan

4. In January, CISA released a handbook, "Securing Small and Medium-Sized Business Supply Chains," that provides an overview of supply chain risk categories commonly faced by ICT SMBs, including cyber risks. (direct link below) https://www.cisa.gov/ict-scrm-task-force

Check our Twitter and Discord Server for more information:

https://twitter.com/CyberOutlook

https://discord.com/invite/ZRMUz3Q9Uy

If you missed the last rundown, check it out here:

https://www.cyberoutlook.org/post/cyber-outlook-rundown-1-25-23

Additional resources:

1. January 10, 2023: CISA released the Securing Small and Medium-Sized Business (SMB) Supply Chains: A Resource Handbook to Reduce Information and Communication Technology Risks. https://www.cisa.gov/sites/default/files/publications/Securing-SMB-Supply-Chains_Resource-Handbook_508.pdf

2. Malwarebytes Labs https://www.malwarebytes.com/blog

3. BlackBerry Cybersecurity https://blogs.blackberry.com/en/category/cybersecurity

4. Cyware - provides threat intelligence, security orchestration and other cybersecurity resources https://cyware.com/